From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#19404: 25.0.50; Gnus shows self-signed certificate warning when connecting to Gmane Date: Fri, 19 Dec 2014 10:28:52 +0200 Message-ID: <83egrwt54r.fsf@gnu.org> References: <86ppbhrx9a.fsf@yandex.ru> <838ui5uf27.fsf@gnu.org> <83vbl8uau2.fsf@gnu.org> <871tnwoglm.fsf@engster.org> <83ioh8u1cs.fsf@gnu.org> <87lhm4myaf.fsf@engster.org> <87bnn0mxup.fsf@engster.org> Reply-To: Eli Zaretskii NNTP-Posting-Host: plane.gmane.org X-Trace: ger.gmane.org 1418977830 8832 80.91.229.3 (19 Dec 2014 08:30:30 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Fri, 19 Dec 2014 08:30:30 +0000 (UTC) Cc: 19404@debbugs.gnu.org, larsi@gnus.org, dgutov@yandex.ru To: David Engster Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Fri Dec 19 09:30:23 2014 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1Y1sx4-0000NC-GC for geb-bug-gnu-emacs@m.gmane.org; Fri, 19 Dec 2014 09:30:22 +0100 Original-Received: from localhost ([::1]:57306 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y1swy-000377-Jg for geb-bug-gnu-emacs@m.gmane.org; Fri, 19 Dec 2014 03:30:16 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:55725) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y1swq-00035S-Qk for bug-gnu-emacs@gnu.org; Fri, 19 Dec 2014 03:30:13 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Y1swl-00057l-7D for bug-gnu-emacs@gnu.org; Fri, 19 Dec 2014 03:30:08 -0500 Original-Received: from debbugs.gnu.org ([140.186.70.43]:41388) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Y1swl-00057e-4v for bug-gnu-emacs@gnu.org; Fri, 19 Dec 2014 03:30:03 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.80) (envelope-from ) id 1Y1swk-0003gd-S2 for bug-gnu-emacs@gnu.org; Fri, 19 Dec 2014 03:30:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 19 Dec 2014 08:30:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 19404 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: Original-Received: via spool by 19404-submit@debbugs.gnu.org id=B19404.141897774614079 (code B ref 19404); Fri, 19 Dec 2014 08:30:02 +0000 Original-Received: (at 19404) by debbugs.gnu.org; 19 Dec 2014 08:29:06 +0000 Original-Received: from localhost ([127.0.0.1]:50754 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Y1svm-0003ew-Km for submit@debbugs.gnu.org; Fri, 19 Dec 2014 03:29:06 -0500 Original-Received: from mtaout24.012.net.il ([80.179.55.180]:35617) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Y1svg-0003eS-JY for 19404@debbugs.gnu.org; Fri, 19 Dec 2014 03:29:01 -0500 Original-Received: from conversion-daemon.mtaout24.012.net.il by mtaout24.012.net.il (HyperSendmail v2007.08) id <0NGT00B00LNFR900@mtaout24.012.net.il> for 19404@debbugs.gnu.org; Fri, 19 Dec 2014 10:21:04 +0200 (IST) Original-Received: from HOME-C4E4A596F7 ([87.69.4.28]) by mtaout24.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0NGT00B3MLV48T20@mtaout24.012.net.il>; Fri, 19 Dec 2014 10:21:04 +0200 (IST) In-reply-to: <87bnn0mxup.fsf@engster.org> X-012-Sender: halo1@inter.net.il X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:97559 Archived-At: > From: David Engster > Cc: 19404@debbugs.gnu.org, larsi@gnus.org, dgutov@yandex.ru > Date: Thu, 18 Dec 2014 22:50:22 +0100 > > David Engster writes: > > It *could* be self-signed. I don't know the best way in libgnutls to > > detect this. You probably have to compare issuer and subject, or > > similar. > > So my guess would be: use gnutls_x509_crt_get_dn2 or maybe > gnutls_x509_crt_get_subject and compare to > gnutls_certificate_get_issuer. If equal -> self-signed. But that could > be wrong. Best place is to ask on the GnuTLS list. Thanks, I think we should do that (and also ask). I'm afraid if we are too vague or even inaccurate in these prompts (as some Web browsers already are), too many people will become annoyed and will simply disregard them, and either always automatically accept the "Always" alternative, or even disable these checks completely.